- Amazon EC2 uses public key cryptography to encrypt and decrypt login information. Public key cryptography uses a public key to encrypt a piece of data, such as a password, then the recipient uses the private key to decrypt the data. The public and private keys together are known as a "key pair."
- To log in to your instance, you must create a key pair. You specify the name of the key pair when you launch the instance, and provide the private key when you connect to the instance.
- Linux and Unix instances have no password; rather, you use this key pair to log in using SSH.
- With Windows instances, you use a key pair to obtain the administrator password, and then log in using RDP.
So, a key pair is assigned to an instance when you spin one up, and it controls your SSH access to instances. Bottom line, before spinning up your very first EC2 instance, you need to create a key pair. And that's what we're going to do in this section.
So, as you see here,
~I'm logged into the console of AWS. Key pairs are associated with EC2, so go into the "EC2 services," then down on the left-hand menu, we'll click on "key pairs".
~And not surprisingly, we'll use this big blue button, "Create Key Pair". Now, you need to give your key pair a name. I recommend coming up with some convention for these that works for you and your organization.
For example, your application environments might use separate key pairs, like, one for dev, and one for production. So I'm going to label ours "dev-2014".
~Click "create". It both created the initial key pair and downloaded the PEM file for us automatically. This is your private key of the public/private key pair we discussed. This is our access to any server we launch with this key pair, so you don't want to lose it. Since we will be using SSH to log in to our instances once they're created, I need to ensure proper permissions are set on this PEM file.
~Make the downloaded PEM file read-only, for the owner.
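The permission step above as a small shell function, added here as an example and not part of the original walkthrough. OpenSSH refuses to use a private key file that other users can read, so the function confirms the file is a regular PEM private key, sets it to mode 400, and verifies the result. The function names and the download path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: lock down a downloaded EC2 private key before using it with ssh.
# key_mode and lock_down_key are hypothetical helper names.

# Print the octal permission bits of a file (GNU stat first, then BSD/macOS stat).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# lock_down_key FILE
# Returns 0 only if FILE is a PEM private key and ends up owner-read-only (400).
lock_down_key() {
    key="$1"

    # Refuse symlinks and anything that is not a regular file, so chmod
    # cannot be redirected to a file other than the one we inspected.
    if [ -L "$key" ] || [ ! -f "$key" ]; then
        echo "error: $key is not a regular file" >&2
        return 1
    fi

    # A PEM private key starts with a BEGIN ... PRIVATE KEY header line.
    if ! head -n 1 "$key" | grep -q '^-----BEGIN .*PRIVATE KEY-----'; then
        echo "error: $key does not look like a PEM private key" >&2
        return 2
    fi

    before=$(key_mode "$key")
    chmod 400 "$key" || return 3
    after=$(key_mode "$key")
    echo "$key: mode $before -> $after"

    # Succeed only if the file really is read-only for the owner now.
    [ "$after" = "400" ]
}

# Usage (assumes the browser saved the key as dev-2014.pem in ~/Downloads):
#   lock_down_key "$HOME/Downloads/dev-2014.pem"
```
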
- So now that we have our key pair in place, the next thing to do is set up our needed security groups. As you can see, we are taking a security-first approach, and that's what we're going to do in the next section.